vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   VBPlaza (Can i repost?) (https://vborg.vbsupport.ru/showthread.php?t=144180)

Bratz-Designs 04-06-2007 07:28 PM
VBPlaza (Can i repost?)
 
Hello,

I have been talking with the creator from vbPlaza, and he has fixed the problem with vbplaza.

Quote:
CMX zegt:
u can post this at vb.org as a "fixed" package
CMX zegt:
I would, but no time atm, getting ready to head out, bbl
If a mod allows this, ill post it up for him.

Mark

Ziki 04-06-2007 07:33 PM
If it is OK with the author you are free to do so

nexialys 04-07-2007 02:03 AM
.. but you will have to offer the support for this version, as he is stating he have not time to do it...

Shazz 04-07-2007 02:05 AM
It would be best to give support. But I think there will be enough supporters in the thread.

But I would still go with Nexia's POINTS system if I was to choose.

Brad 04-07-2007 05:42 AM
Why doesn't the author just send a staff member the new files? That way someone can upload the attachment to the existing thread and move it back into the public forums.

No point in losing all the existing answers in the thread.

TruthElixirX 04-07-2007 07:01 AM
I haven't been keeping up lately, but how do we know CMX actually said that?

EricaJoy 04-07-2007 08:34 AM
Quote:
Originally Posted by Bratz-Designs (Post 1221329)
Hello,

I have been talking with the creator from vbPlaza, and he has fixed the problem with vbplaza.



If a mod allows this, ill post it up for him.

Mark
fix for what? the security issues?

Luky 04-07-2007 09:04 AM
I would like CMX to post in this thread to make sure this isnt a fake :)

Paul M 04-07-2007 09:14 AM
We would need confirmation from the Author before allowing this - that would need to be a PM to staff from his account (or a public post).

Luky 04-07-2007 09:33 AM
Quote:
Originally Posted by Luky (Post 1221748)
I would like CMX to post in this thread to make sure this isnt a fake :)
Kekeke, I'm like Jr. Paul! =]

Bratz-Designs 04-07-2007 10:57 AM
Quote:
Originally Posted by Paul M (Post 1221752)
We would need confirmation from the Author before allowing this - that would need to be a PM to staff from his account (or a public post).
I have asked him to post in this topic, i am sure he will once he has the time!

Luky 04-07-2007 11:39 AM
Its just, if he doesnt have time to post his releases himself, how can he have time to code?

CMX_CMGSCCC 04-07-2007 02:55 PM
The reason I didnt have time to post yesterday was my sister in law in over here from Germany and we were doing some stuff :)

Also I havent had time to look at v1.5.8 because I've been working on v2.0 vbPlaza for a while now. It's shaping up nicely and I hope to have a beta out by the end of the month. The entire script has been re-written and uses the "vB's" clean system as well to clean all variables, not just ones that go into the database.

As well as a very nice method to add items to the store that do PHP code, but do not require any .PHP files to be uploaded. Among other things like over 190 items to purchase from the vbPlaza. It will be much better, but I dont anticipate any time on coding it while my in-laws are here for a couple weeks.

As far as the "updated" file for v1.5.81 with the strip_tags changes, I will send it to a mod here to put on the original thread as I think that would be best until I can get v2.0 off the ground. It seems kind of mute for me to support the v1.x series too much when v2.0 is so close.


-CMX

deezelpope 04-07-2007 02:59 PM
There ya go, "The Man" has spoken.:up:

Luky 04-07-2007 03:05 PM
Quote:
Originally Posted by CMX_CMGSCCC (Post 1221925)
The reason I didnt have time to post yesterday was my sister in law in over here from Germany and we were doing some stuff :)

Also I havent had time to look at v1.5.8 because I've been working on v2.0 vbPlaza for a while now. It's shaping up nicely and I hope to have a beta out by the end of the month. The entire script has been re-written and uses the "vB's" clean system as well to clean all variables, not just ones that go into the database.

As well as a very nice method to add items to the store that do PHP code, but do not require any .PHP files to be uploaded. Among other things like over 190 items to purchase from the vbPlaza. It will be much better, but I dont anticipate any time on coding it while my in-laws are here for a couple weeks.

As far as the "updated" file for v1.5.81 with the strip_tags changes, I will send it to a mod here to put on the original thread as I think that would be best until I can get v2.0 off the ground. It seems kind of mute for me to support the v1.x series too much when v2.0 is so close.


-CMX
Oh, so you havent left? Because like yesterday or something it say your last online time was like jan or feb.. Its nice to know vBplaza has hope!

redtaz 04-07-2007 03:41 PM
Quote:
Originally Posted by CMX_CMGSCCC (Post 1221925)
The reason I didnt have time to post yesterday was my sister in law in over here from Germany and we were doing some stuff :)

Also I havent had time to look at v1.5.8 because I've been working on v2.0 vbPlaza for a while now. It's shaping up nicely and I hope to have a beta out by the end of the month. The entire script has been re-written and uses the "vB's" clean system as well to clean all variables, not just ones that go into the database.

As well as a very nice method to add items to the store that do PHP code, but do not require any .PHP files to be uploaded. Among other things like over 190 items to purchase from the vbPlaza. It will be much better, but I dont anticipate any time on coding it while my in-laws are here for a couple weeks.

As far as the "updated" file for v1.5.81 with the strip_tags changes, I will send it to a mod here to put on the original thread as I think that would be best until I can get v2.0 off the ground. It seems kind of mute for me to support the v1.x series too much when v2.0 is so close.


-CMX
Yay! Welcome back CMX, nice of you to have released a fix for vbplaza now i will install it back.

Paul M 04-07-2007 06:29 PM
The "fixed" version has been checked by the staff who examined the original exploits and they have not been found to be fixed. Therefore we have had to remove the new version.

redtaz 04-07-2007 06:47 PM
Quote:
Originally Posted by Paul M (Post 1222076)
The "fixed" version has been checked by the staff who examined the original exploits and they have not been found to be fixed. Therefore we have had to remove the new version.
Ah now that really stinks :-( Hopefully CMX can fix them.

AuroraStorm 04-07-2007 07:28 PM
Aw dammit...

...and besides CMX...when was the last time you visited your vbplaza.com site?? It's being spammed to high hell...

cashpath 04-07-2007 07:56 PM
Hey CMX any chance you can have the VB.org guys send you a list of the exploits and then you can pass them onto another coder who would be willing to at least fix those exploits for this version while you are working on 2.0?

rjmjr69 04-07-2007 08:04 PM
Quote:
Originally Posted by cashpath (Post 1222149)
Hey CMX any chance you can have the VB.org guys send you a list of the exploits and then you can pass them onto another coder who would be willing to at least fix those exploits for this version while you are working on 2.0?

Real good idea. How about CM? At least until 2.0 comes out this will release allot of your stress I'm sure. And keep people happy for now.

KHALIK 04-07-2007 09:01 PM
removed...

kall 04-07-2007 09:06 PM
Given that the exploits were confirmed to be present in the 1.5.81 file by a member of Staff, advertising the fact that you have it installed on your forums isn't the wisest course of action, IMO.

KHALIK 04-07-2007 09:10 PM
removed

Luky 04-08-2007 02:45 AM
Quote:
Originally Posted by kall (Post 1222215)
Given that the exploits were confirmed to be present in the 1.5.81 file by a member of Staff, advertising the fact that you have it installed on your forums isn't the wisest course of action, IMO.
Rofl at that!! I dont think he realises that they can fully crash his site and coz his daily backups are located on the server, they can just delete them. Also having the latest version of vB isnt gona stop them since vB isnt the exploit, vBplaza is!!

Anywho, i speak on behalf of all of us when i say, This sucks.

Shazz 04-08-2007 04:51 AM
Quote:
Originally Posted by Paul M (Post 1222076)
The "fixed" version has been checked by the staff who examined the original exploits and they have not been found to be fixed. Therefore we have had to remove the new version.
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.

Matt_270581 04-08-2007 05:09 AM
I'm pretty confident if you disable a couple of the usertitle functions and the PM sending functions in each of the action files and the main functions file this will be safe. I will take the chance. Someone let me know if I am wrong.

Luky 04-08-2007 05:16 AM
Quote:
Originally Posted by Shazz (Post 1222461)
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.
Maby he doesnt know the exploit or maby he fixed one and there is more.

Bratz-Designs 04-08-2007 05:59 AM
Quote:
Originally Posted by Shazz (Post 1222461)
Wouldn't it be safe it the next version that was released was checked my staff first?! :|

If the conversation was true how CMX said that was the fix, and it dosen't fix it ... Interesting.
*Cough*

He used part of the code you offer at your site. You tell everyone that thats save....

*Cough*

Luky 04-08-2007 07:22 AM
I dont understand what you just said Barbie, I mean Bratz! :P (I gota pick up Bratz and barbie dolls at my job in Toy section of Target...)

bashy 04-08-2007 07:45 AM
PMSL......now that was funny :rolleyes::D

Quote:
Originally Posted by Bratz-Designs (Post 1222485)
*Cough*

He used part of the code you offer at your site. You tell everyone that thats save....

*Cough*

Luky 04-08-2007 08:11 AM
Learn me! I still don get it!!!

kennethsia 06-11-2007 04:30 AM
now what. wish they fixed it


All times are GMT. The time now is 10:29 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01167 seconds
  • Memory Usage 1,804KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (13)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (33)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete